Should I remove “Malware.AI.3463678893”?

Malware.AI.3463678893 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.3463678893 virus do?

  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.3463678893?

File Info:

name: 3B98B6FF279AED6A71C2.mlw
path: /opt/CAPEv2/storage/binaries/5e9cbac9fe83305b16d76fcca9396c96c00f5abeca3f95447673e01b647806e0
crc32: 3E078765
md5: 3b98b6ff279aed6a71c237cb44e5fcb2
sha1: 421208333c3277910f61f1c8e3a520efd9b317d0
sha256: 5e9cbac9fe83305b16d76fcca9396c96c00f5abeca3f95447673e01b647806e0
sha512: eb49959aeb165744f6bd7826175b42e951391047f243a6ae0fe03b40d3284fbd61d6387cc90244f141bfc5a7209410a928c66dffe2484313539420d9ec04e9da
ssdeep: 6144:eXzKdNY49u8rV1Jm4k40Ffx1oivC01net:la4AyJm4k4mw01
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19C448C236E4A5911FB328E3805A367ED7A96FF41149F354B10C5B64E32B7293120BA7F
sha3_384: d43f5136c15473187b10d2808a2124658ad8882081bfec84845e13fe4384d9e570a3e40512e24fb6c3303e133ac363ca
ep_bytes: 60be00d045008dbe0040faff5783cdff
timestamp: 2022-11-03 11:35:44

Version Info:

Comments: ITS GCO Bootstrap
CompanyName: Internet Testing Systems
FileDescription: ITS GCO Bootstrap
FileVersion: 2.5.0.2
InternalName: VerifyAndLaunch
LegalCopyright: (C) Internet Testing Systems
OriginalFilename: VerifyAndLaunch.exe
ProductName: ITS GCO Bootstrap
ProductVersion: 2.5.0.2
Translation: 0x0409 0x04b0

Malware.AI.3463678893 also known as:

Bkav: W32.AIDetectMalware
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 00584baa1 )
K7GW: Riskware ( 00584baa1 )
Cybereason: malicious.f279ae
BitDefenderTheta: AI:Packer.4625DC2A1F
Cynet: Malicious (score: 100)
APEX: Malicious
McAfee-GW-Edition: GenericRXWH-XS!3B98B6FF279A
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.3b98b6ff279aed6a
GData: Win32.Trojan.PSE.7U60V6
Jiangmin: TrojanSpy.Xegumumune.zj
Antiy-AVL: Trojan/Win32.PossibleThreat
AhnLab-V3: Malware/Win.Generic.R602740
Malwarebytes: Malware.AI.3463678893
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_GEN.R002H06I223
Rising: Trojan.Generic@AI.100 (RDML:h6PMJvb8wHaevHD14r0SZA)
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/PossibleThreat
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Malware.AI.3463678893?

Malware.AI.3463678893 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.